Commit Graph

145 Commits

Author SHA1 Message Date
Laszlo Ersek ad43bc6b2e OvmfPkg: PlatformPei: protect SEC's GUIDed section handler table thru S3
OVMF's SecMain is unique in the sense that it links against the following
two libraries *in combination*:

- IntelFrameworkModulePkg/Library/LzmaCustomDecompressLib/
                                               LzmaCustomDecompressLib.inf
- MdePkg/Library/BaseExtractGuidedSectionLib/
                                           BaseExtractGuidedSectionLib.inf

The ExtractGuidedSectionLib library class allows decompressor modules to
register themselves (keyed by GUID) with it, and it allows clients to
decompress file sections with a registered decompressor module that
matches the section's GUID.

BaseExtractGuidedSectionLib is a library instance (of type BASE) for this
library class. It has no constructor function.

LzmaCustomDecompressLib is a compatible decompressor module (of type
BASE). Its section type GUID is

  gLzmaCustomDecompressGuid == EE4E5898-3914-4259-9D6E-DC7BD79403CF

When OVMF's SecMain module starts, the LzmaCustomDecompressLib constructor
function is executed, which registers its LZMA decompressor with the above
GUID, by calling into BaseExtractGuidedSectionLib:

  LzmaDecompressLibConstructor() [GuidedSectionExtraction.c]
    ExtractGuidedSectionRegisterHandlers() [BaseExtractGuidedSectionLib.c]
      GetExtractGuidedSectionHandlerInfo()
        PcdGet64 (PcdGuidedExtractHandlerTableAddress) -- NOTE THIS

Later, during a normal (non-S3) boot, SecMain utilizes this decompressor
to get information about, and to decompress, sections of the OVMF firmware
image:

  SecCoreStartupWithStack() [OvmfPkg/Sec/SecMain.c]
    SecStartupPhase2()
      FindAndReportEntryPoints()
        FindPeiCoreImageBase()
          DecompressMemFvs()
            ExtractGuidedSectionGetInfo() [BaseExtractGuidedSectionLib.c]
            ExtractGuidedSectionDecode() [BaseExtractGuidedSectionLib.c]

Notably, only the extraction depends on full-config-boot; the registration
of LzmaCustomDecompressLib occurs unconditionally in the SecMain EFI
binary, triggered by the library constructor function.

This is where the bug happens. BaseExtractGuidedSectionLib maintains the
table of GUIDed decompressors (section handlers) at a fixed memory
location; selected by PcdGuidedExtractHandlerTableAddress (declared in
MdePkg.dec). The default value of this PCD is 0x1000000 (16 MB).

This causes SecMain to corrupt guest OS memory during S3, leading to
random crashes. Compare the following two memory dumps, the first taken
right before suspending, the second taken right after resuming a RHEL-7
guest:

crash> rd -8 -p 1000000 0x50
1000000: c0 00 08 00 02 00 00 00 00 00 00 00 00 00 00 00  ................
1000010: d0 33 0c 00 00 c9 ff ff c0 10 00 01 00 88 ff ff  .3..............
1000020: 0a 6d 57 32 0f 00 00 00 38 00 00 01 00 88 ff ff  .mW2....8.......
1000030: 00 00 00 00 00 00 00 00 73 69 67 6e 61 6c 6d 6f  ........signalmo
1000040: 64 75 6c 65 2e 73 6f 00 00 00 00 00 00 00 00 00  dule.so.........

vs.

crash> rd -8 -p 1000000 0x50
1000000: 45 47 53 49 01 00 00 00 20 00 00 01 00 00 00 00  EGSI.... .......
1000010: 20 01 00 01 00 00 00 00 a0 01 00 01 00 00 00 00   ...............
1000020: 98 58 4e ee 14 39 59 42 9d 6e dc 7b d7 94 03 cf  .XN..9YB.n.{....
1000030: 00 00 00 00 00 00 00 00 73 69 67 6e 61 6c 6d 6f  ........signalmo
1000040: 64 75 6c 65 2e 73 6f 00 00 00 00 00 00 00 00 00  dule.so.........

The "EGSI" signature corresponds to EXTRACT_HANDLER_INFO_SIGNATURE
declared in
MdePkg/Library/BaseExtractGuidedSectionLib/BaseExtractGuidedSectionLib.c.

Additionally, the gLzmaCustomDecompressGuid (quoted above) is visible at
guest-phys offset 0x1000020.

Fix the problem as follows:
- Carve out 4KB from the 36KB gap that we currently have between

  PcdOvmfLockBoxStorageBase + PcdOvmfLockBoxStorageSize == 8220 KB
  and
  PcdOvmfSecPeiTempRamBase                              == 8256 KB.

- Point PcdGuidedExtractHandlerTableAddress to 8220 KB (0x00807000).

- Cover the area with an EfiACPIMemoryNVS type memalloc HOB, if S3 is
  supported and we're not currently resuming.

The 4KB size that we pick is an upper estimate for
BaseExtractGuidedSectionLib's internal storage size. The latter is
calculated as follows (see GetExtractGuidedSectionHandlerInfo()):

  sizeof(EXTRACT_GUIDED_SECTION_HANDLER_INFO) +         // 32
  PcdMaximumGuidedExtractHandler * (
    sizeof(GUID) +                                      // 16
    sizeof(EXTRACT_GUIDED_SECTION_DECODE_HANDLER) +     //  8
    sizeof(EXTRACT_GUIDED_SECTION_GET_INFO_HANDLER)     //  8
    )

OVMF sets PcdMaximumGuidedExtractHandler to 16 decimal (which is the
MdePkg default too), yielding 32 + 16 * (16 + 8 + 8) == 544 bytes.

Regarding the lifecycle of the new area:

(a) when and how it is initialized after first boot of the VM

  The library linked into SecMain finds that the area lacks the signature.
  It initializes the signature, plus the rest of the structure. This is
  independent of S3 support.

  Consumption of the area is also limited to SEC (but consumption does
  depend on full-config-boot).

(b) how it is protected from memory allocations during DXE

  It is not, in the general case; and we don't need to. Nothing else links
  against BaseExtractGuidedSectionLib; it's OK if DXE overwrites the area.

(c) how it is protected from the OS

  When S3 is enabled, we cover it with AcpiNVS in InitializeRamRegions().

  When S3 is not supported, the range is not protected.

(d) how it is accessed on the S3 resume path

  Examined by the library linked into SecMain. Registrations update the
  table in-place (based on GUID matches).

(e) how it is accessed on the warm reset path

  If S3 is enabled, then the OS won't damage the table (due to (c)), hence
  see (d).

  If S3 is unsupported, then the OS may or may not overwrite the
  signature. (It likely will.) This is identical to the pre-patch status.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15433 6f19259b-4bc3-4df7-8a09-765794883524
2014-04-05 21:26:09 +00:00
Laszlo Ersek d945a8ba5b OvmfPkg: introduce empty PlatformDxe
This DXE driver will load/save persistent values for OVMF's config knobs,
plus expose those knobs via HII.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15364 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-22 07:12:55 +00:00
Laszlo Ersek da78c88f45 OvmfPkg: raise DXEFV size to 8 MB
This fixes build errors like:

  GenFds.py...
    the required fv image size 0x71b118 exceeds the set fv image size
    0x700000

which is reported at least for:
(a) -b DEBUG -D SECURE_BOOT_ENABLE -t GCC44,
(b) -b DEBUG -D SECURE_BOOT_ENABLE -t GCC48 -D CSM_ENABLE

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15309 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-05 00:54:00 +00:00
Laszlo Ersek 939004009d OvmfPkg: S3 Resume: pull in BootScriptExecutorDxe
This driver (from
"MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf")
is first loaded normally during DXE. When the
EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is installed by any DXE driver (purely
as a form of notification), the driver reloads itself to reserved memory.

During S3 Resume / PEI, the driver image is executed from there. In order
to access the boot script saved during S3 Suspend, LockBox access is
needed.

The boot script is transferred internal to PiDxeS3BootScriptLib:

Both S3SaveStateDxe and BootScriptExecutorDxe are statically linked
against PiDxeS3BootScriptLib. Whichever is loaded first (during normal
boot, in the DXE phase), allocates the root storage for the script. The
address is then passed between the PiDxeS3BootScriptLib instances living
in the two separate drivers thru the dynamic
PcdS3BootScriptTablePrivateDataPtr PCD.

Dependencies:

  BootScriptExecutorDxe
    gEfiLockBoxProtocolGuid [OvmfPkg/AcpiS3SaveDxe]
    S3BootScriptLib [PiDxeS3BootScriptLib]
      SmbusLib [BaseSmbusLibNull]
      LockBoxLib [OvmfPkg/Library/LockBoxLib]
    LockBoxLib [OvmfPkg/Library/LockBoxLib]

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15307 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-04 08:04:13 +00:00
Laszlo Ersek b017b1b27a OvmfPkg: S3 Suspend: enable creation/saving of an S3 Boot Script
"MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf" produces
the EFI_S3_SAVE_STATE_PROTOCOL which allows creation and saving of an S3
Boot Script, to be replayed in PEI during S3 Resume. The script contains
opcodes and opcode arguments to configure CPU, PCI and IO resources.

S3SaveStateDxe relies on the S3BootScriptLib library. The Null
implementation is not useful for actually saving the boot script, we need
the PiDxeS3BootScriptLib instance.

The PiDxeS3BootScriptLib library instance depends on LockBoxLib,
implemented for OVMF in one of the previous patches.

PiDxeS3BootScriptLib also depends on SmbusLib. For now we opt for the Null
instance of the latter. It means that SMBus commands in the boot script
will have no effect when interpreted during S3 Resume. This should be fine
for OvmfPkg and QEMU.

  EFI_S3_SAVE_STATE_PROTOCOL [S3SaveStateDxe]
    S3BootScriptLib [PiDxeS3BootScriptLib]
      SmbusLib [BaseSmbusLibNull]
      LockBoxLib [OvmfPkg/Library/LockBoxLib]

When the EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is installed by any DXE driver
(purely as a form of notification), the S3SaveStateDxe driver saves the
boot script to EfiACPIMemoryNVS, and links it into the LockBox.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15304 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-04 08:03:50 +00:00
Laszlo Ersek 389cbceb7f OvmfPkg: S3 Suspend: save ACPI context
"OvmfPkg/AcpiS3SaveDxe/AcpiS3SaveDxe.inf" (originally:
"IntelFrameworkModulePkg/Universal/Acpi/AcpiS3SaveDxe/AcpiS3SaveDxe.inf")
produces the EFI_ACPI_S3_SAVE_PROTOCOL.

When found, this protocol is automatically invoked by
BdsLibBootViaBootOption(), in file
"IntelFrameworkModulePkg/Library/GenericBdsLib/BdsBoot.c", right before
booting a boot option, to save ACPI S3 context.

At that point during BDS, our AcpiPlatformDxe driver will have installed
the FACS table (which AcpiS3SaveDxe has a use-time dependency upon).

With regard to dependencies: AcpiS3SaveDxe implements
EFI_ACPI_S3_SAVE_PROTOCOL by relying on LockBoxLib.

  BdsLibBootViaBootOption()
    EFI_ACPI_S3_SAVE_PROTOCOL [AcpiS3SaveDxe]
      LockBoxLib [OvmfPkg/Library/LockBoxLib]

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
[jordan.l.justen@intel.com: Remove EmuNvramLib]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15303 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-04 08:03:38 +00:00
Laszlo Ersek 6a7cba79b7 OvmfPkg: implement LockBoxLib
The S3 suspend/resume infrastructure depends on the LockBox library class.
The edk2 tree currently contains Null and SMM instances. The Null instance
is useless, and the SMM instance would require SMM emulation by including
the SMM core and adding several new drivers, which is deemed too complex.

Hence add a simple LockBoxLib instance for OVMF.

jordan.l.justen@intel.com:
 * use PCDs instead of EmuNvramLib
   - clear memory in PlatformPei on non S3 boots
 * allocate NVS memory and store a pointer to that memory
   - reduces memory use at fixed locations

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15301 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-04 08:03:23 +00:00
Laszlo Ersek 5fb6fc0f05 OvmfPkg: S3 Resume: pull in PEIM orchestrating S3 Resume
"UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf" produces the
EFI_PEI_S3_RESUME2 PEIM-to-PEIM Interface.

When the platform-specific initialization code (in PEI) sets the Boot Mode
to BOOT_ON_S3_RESUME, the DXE IPL (which is the last step in PEI) skips
the DXE phase entirely, and executes the S3 Resume PEIM through the
EFI_PEI_S3_RESUME2 interface instead. (See DxeLoadCore() in
"MdeModulePkg/Core/DxeIplPeim/DxeLoad.c".)

S3Resume2Pei depends on LockBoxLib.

  EFI_PEI_S3_RESUME2 [S3Resume2Pei]
    LockBoxLib [OvmfPkg/Library/LockBoxLib]

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15300 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-04 08:03:06 +00:00
Jordan Justen 8e54500fd4 OvmfPkg: Add section of memory to use for PEI on S3 resume
This 32k section of RAM will be declared to the PEI Core on
S3 resume to allow memory allocations during S3 resume PEI.

If the boot mode is BOOT_ON_S3_RESUME, then we publish
the pre-reserved PcdS3AcpiReservedMemory range to PEI.

If the boot mode is not BOOT_ON_S3_RESUME, then we reserve
this range as ACPI NVS so the OS will not use it.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15294 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-04 08:02:16 +00:00
Jordan Justen b36f701d4f OvmfPkg: Split MAINFV into a separate PEI and DXE FVs
By splitting the PEI and DXE phases into separate FVs,
we can only reserve the PEI FV for ACPI S3 support.
This should save about 7MB.

Unfortunately, this all has to happen in a single commit.

DEC:
* Remove PcdOvmfMemFv(Base|Size)
* Add PcdOvmfPeiMemFv(Base|Size)
* Add PcdOvmfDxeMemFv(Base|Size)

FDF:
* Add new PEIFV. Move PEI modules here.
* Remove MAINFV
* Add PEIFV and DXEFV into FVMAIN_COMPACT
   - They are added as 2 sections of a file, and compressed
     together so they should retain good compression
* PcdOvmf(Pei|Dxe)MemFv(Base|Size) are set

SEC:
* Find both the PEI and DXE FVs after decompression.
   - Copy them separately to their memory locations.

Platform PEI driver:
* Fv.c: Publish both FVs as appropriate
* MemDetect.c: PcdOvmfMemFv(Base|Size) =>
                PcdOvmfDxeMemFv(Base|Size)

OVMF.fd before:

  Non-volatile data storage
  FVMAIN_COMPACT                    uncompressed
    FV FFS file                     LZMA compressed
      MAINFV                        uncompressed
        individual PEI modules      uncompressed
        FV FFS file                 compressed with PI_NONE
          DXEFV                     uncompressed
            individual DXE modules  uncompressed
  SECFV                             uncompressed

OVMF.fd after:

  Non-volatile data storage
  FVMAIN_COMPACT                    uncompressed
    FV FFS file                     LZMA compressed
      PEIFV                         uncompressed
        individual PEI modules      uncompressed
      DXEFV                         uncompressed
        individual DXE modules      uncompressed
  SECFV                             uncompressed

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15151 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:39:13 +00:00
Jordan Justen 7cb6b0e068 OvmfPkg: Move SEC/PEI Temporary RAM from 0x70000 to 0x810000
Note: The Temporary RAM memory size is being reduced from
      64KB to 32KB. This still appears to be more than
      adequate for OVMF's early PEI phase. We will be adding
      another 32KB range of RAM just above this range for
      use on S3 resume.

The range is declared as part of MEMFD, so it is easier
to identify the memory range.

We also now assign PCDs to the memory range.

The PCDs are used to set the initial SEC/PEI stack in
SEC's assembly code.

The PCDs are also used in the SEC C code to setup
the Temporary RAM PPI.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15147 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:43 +00:00
Jordan Justen b382ede386 OvmfPkg X64 ResetVector: Move page tables from 512KB to 8MB
To help consolidate OVMF fixed memory uses, we declare this
range in MEMFD and thereby move it to 8MB.

We also now declare the table range in the FDF to set
PCDs. This allows us to ASSERT that CR3 is set as expected
in OVMF SEC.

OvmfPkgIa32.fdf and OvmfPkgIa32X64.fdf are updated simply
for consistency.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15146 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:34 +00:00
Jordan Justen 5300cf02b9 OvmfPkg: Carve 128KB out of MAINFV in MEMFD
In an effort to consolidate fixed memory used by OVMF,
we'll move 2 SEC/PEI phase RAM users to 8MB.
* X64 page tables (24KB)   0x80000 => 0x800000
* PEI temporary RAM (64KB) 0x70000 => 0x810000

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15144 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:16 +00:00
Olivier Martin 56f65ed838 OvmfPkg: Make the VirtIo devices use the new VIRTIO_DEVICE_PROTOCOL
This change replaces the accesses to the PCI bus from the Block, Scsi and Net drivers by
the use of the new VIRTIO_DEVICE_PROTOCOL protocol that abstracts the transport layer.
It means these drivers can be used on PCI and MMIO transport layer.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>

v5:
- VirtioFlush(): update comment block in VirtioLib.[hc]; error code is
  propagated from VirtIo->SetQueueNotify().
- VirtioBlkInit(): jump to Failed label if SetPageSize() fails
- VirtioBlkInit(): fixup comment, and add error handling, near
  SetQueueNum() call
- VirtioBlkDriverBindingStart(): remove redundant (always false) check for
  a subsystem device ID different from VIRTIO_SUBSYSTEM_BLOCK_DEVICE;
  VirtioBlkDriverBindingSupported() handles it already
- VirtioNetGetFeatures(): update stale comment block
- VirtioNetGetFeatures(): retrieve MAC address byte for byte (open-coded
  loop)
- VirtioNetDriverBindingStart(): remove redundant (always false) check for
  a subsystem device ID different from VIRTIO_SUBSYSTEM_NETWORK_CARD;
  VirtioNetDriverBindingSupported() handles it already
- VirtioNetInitRing(): call SetQueueNum() and SetQueueAlign() for proper
  MMIO operation
- VirtioNetInitialize(): fix destination error label for when
  SetPageSize() fails
- VirtioScsi.c: fix comment block of VIRTIO_CFG_WRITE()/VIRTIO_CFG_READ()
- VirtioScsiInit(): fix destination error label for when SetPageSize()
  fails
- VirtioScsiInit(): call SetQueueNum() and SetQueueAlign() for proper MMIO
  operation

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14966 6f19259b-4bc3-4df7-8a09-765794883524
2013-12-11 16:58:22 +00:00
Jordan Justen 182eb45627 OvmfPkg: Add QemuFlashFvbServicesRuntimeDxe to firmware image
This driver will support a flash FVB implementation if QEMU flash
is detected.

The driver is added to the apriori list to make sure it runs
before the EmuVariableFvbRuntimeDxe driver. If this driver detects
flash support, then it will disable the EmuVariableFvbRuntimeDxe
driver by setting PcdFlashNvStorageVariableBase64.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14840 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-12 18:35:01 +00:00
Jordan Justen 9a08997862 OvmfPkg: Add NV Variable storage within FD
This is to prepare for QEMU flash support which will allow
non-volatile variables to be saved in the flash image.

Note two size changes:
 * NV Varstore size increased from 0xc000 to 0xe000
 * FTW work size decreased from 0x2000 to 0x1000

The reason for this change is that the fault-tolerant write
support requires that the work area fit within the block
just before the fault-tolerant write spare storage blocks.
Since QEMU flash blocks have a size of 0x1000, this means
that the maximum FTW work size is 0x1000.

v2:
 * Update commit message and PcdVariableStoreSize

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14835 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-12 18:34:20 +00:00
Jordan Justen 8184a76439 OvmfPkg: Increase DEBUG build size to 2MB by default
The 1MB image with full debug and the shell included is too
large to implement flash based non-volatile variable.

After this change, building with -D FD_SIZE_1MB will
force the smaller flash size.

The default size for RELEASE build remains at 1MB, so using
-b RELEASE on the build command line will result in a
1MB flash size. For RELEASE builds -D FD_SIZE_2MB can be
used to produce a 2MB flash image.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14833 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-12 18:34:02 +00:00
Jordan Justen 9bef3cdc8a OvmfPkg: Build and use the UEFI shell by default
Previously OVMF included the older EFI shell binary when building.

Now we will build and use the UEFI shell (ShellPkg) instead.

v2:
 * Don't bother building UEFI shell when USE_OLD_SHELL is defined
 * Fix errors in OvmfPkgIa32X64.fdf

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14600 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-23 18:45:47 +00:00
Ruiyu Ni 5c3481b0b6 OvmfPkg: Use the new DevicePathLib for all platforms
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <Ruiyu.ni@Intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14558 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-19 04:15:36 +00:00
Eric Dong 56af21cb4e Update OVMF platform to use new display engine and browser.
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com> 
Tested-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14541 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-12 02:24:32 +00:00
Eric Dong 2536161545 Rollback patch 14537 & 14538, because patch 14537 is not tested by Laszlo Ersek, but i wrote it.
Signed-off-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14539 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-12 02:03:10 +00:00
Eric Dong b9feb4bdf2 Update Browser to provide the customization possibilities.
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

MdeModulePkg Patch
Tested-by: Laszlo Ersek <lersek@redhat.com>

OvmfPkg Patch  
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com> 


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14537 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-09 05:26:47 +00:00
Laszlo Ersek 7a1f59476d OvmfPkg: enable building VirtioNetDxe
Also summarize the resultant NIC driver options in the README file.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14421 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-14 07:41:13 +00:00
jljusten 7628b0f5aa OvmfPkg: enable the generic network stack by default
DHCP, PXE, and StdLib socket apps are enabled in OVMF by the sum of:
(a) a UEFI NIC driver,
(b) the generic network stack.

The only choice for (a) used to be the proprietary Intel E1000 driver,
which is cumbersome to obtain and enable.

The iPXE UEFI NIC drivers packaged with qemu-1.5 cover (a) for each NIC
type supported by qemu, and are easy to obtain & configure, even for
earlier qemu versions. Therefore enable (b) per default as well.

This doesn't take up much space; the binaries (b) adds to the firmware
don't seem to need -D FD_SIZE_2MB.

Intel's e1000 driver remains an option, requested by the -D E1000_ENABLE
build flag.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14366 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-15 18:20:39 +00:00
jljusten 862379feff OvmfPkg: increase MEMFD size to 8MB
With reference to
<http://sourceforge.net/mailarchive/message.php?msg_id=30359322>:

"MEMFD is built so MAINFV's contents will be relocated during the build to
address 0x800000", and it "is a firmware volume with most OVMF code/data
uncompressed. [...] Increasing its size has a little impact on the size of
the resulting firmware image since the blank part of the firmware volume
will compress well."

Let's increase the size to 8MB, since the current limit can get in the way
(for example when building-in the Intel3.5 drivers for e1000 with
-D FD_SIZE_2MB -D NETWORK_ENABLE -D SECURE_BOOT_ENABLE).

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14133 6f19259b-4bc3-4df7-8a09-765794883524
2013-02-14 19:21:56 +00:00
jljusten 37078a63b1 OvmfPkg: introduce virtio-scsi driver
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
[jordan.l.justen@intel.com: fix build for VS2012]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13867 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-18 17:07:48 +00:00
jljusten fd51d75991 OvmfPkg: introduce virtio-blk driver
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13798 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-08 07:32:59 +00:00
mdkinney eaeb45076e Here is a patch that by default keeps the current 1MB FD sizes. If FD_SIZE_2MB is defined, then 2MB FD sizes will be used.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13782 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-04 15:41:15 +00:00
jljusten 8c71ec8f11 OvmfPkg: Add custom SecureBootConfigDxe that doesn't reset
We don't force a platform reset for OVMF when PK is changed in
custom mode setup.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Lee Rosenbaum <lee.g.rosenbaum@intel.com>
Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13635 6f19259b-4bc3-4df7-8a09-765794883524
2012-08-15 00:03:59 +00:00
jljusten aadb1d098d embed OvmfVideo.rom into OVMF.fd
This enables qemu to use OVMF with a single -bios option. Based on
<http://lists.xen.org/archives/html/xen-devel/2012-03/msg01992.html>.

v1->v2:
- move xen-devel link from code to commit message
- cover all three FDF files

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
[jordan.l.justen@intel.com: remove vgabios-cirrus.bin from build.sh/README]
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13520 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-10 22:43:19 +00:00
jljusten bab41b50f6 increase MEMFD size to enable secure boot build
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13519 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-10 22:43:05 +00:00
jljusten 7d2bd1505b OvmfPkg: Add AcpiPlatformDxe
This driver is currently a direct copy of
MdeModulePkg/Universal/Acpi/AcpiPlatformDxe.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13384 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-30 23:15:00 +00:00
leegrosenbaum 7a616e5b77 OvmfPkg: Add custom mode setup if the Secure Boot build option is specified.
If –D SECURE_BOOT_ENABLE is specified with the build command, Secure Boot support is enabled including custom mode setup.

This allows Secure Boot to be configured through setup allowing OvmfPkgX64, OvmfPkgIa32 and OvmfPkg3264 to be a fully functional Secure Boot reference platforms.
Remove redundant library class definitions for BaseCryptLib and OpenSslLib.

Signed-off-by: Lee Rosenbaum <lee.g.rosenbaum@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13160 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-04 17:35:06 +00:00
jljusten 8cee3de7e9 OvmfPkg: Enable secure-boot support when SECURE_BOOT_ENABLE==TRUE
Adjust PCD settings, library mappings and driver usage
to enable secure-boot when -D SECURE_BOOT_ENABLE=TRUE
is used on the build command line.

Signed-off-by: lgrosenb
Reviewed-by: jljusten
Reviewed-by: mdkinney

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13093 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-09 17:38:53 +00:00
lgao4 f8e1ae8328 Update OvmfPkg FDF to avoid DXE driver to be rebased on build time.
Signed-off-by: lgao4
Reviewed-by: jljusten

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12833 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-11 15:18:25 +00:00
jljusten 4b3d663f7b OvmfPkg: Add CSM16 and related drivers if CSM_ENABLE is set
Note: The CSM16 binary must be copied into the tree at
OvmfPkg/Csm/Csm16/Csm16.bin in order to use CSM_ENABLE.

If CSM_ENABLE is set during the build, then the CSM16 binary
and the CSM support (Legacy BIOS) drivers will be added to
the build.

Signed-off-by: jljusten
Reviewed-by: geekboy15a

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12682 6f19259b-4bc3-4df7-8a09-765794883524
2011-11-10 22:04:49 +00:00
vanjeff 8f5e3a12a9 Removing IsaSerailDxe driver instead of removing the TerminalDxe driver when source level debugging feature enabled.
Signed-off-by: vanjeff
Reviewed-by: niruiyu


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12573 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-26 07:08:32 +00:00
jljusten fb51181762 OvmfPkg/SmbiosPlatformDxe: Add OVMF SMBIOS driver (with Xen support)
Locates Xen SMBIOS data and installs it using the SMBIOS
protocol.

Signed-off-by: gavinguan
Reviewed-by: Andrei Warkentin <andreiw@motorola.com>
Signed-off-by: jljusten

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12125 6f19259b-4bc3-4df7-8a09-765794883524
2011-08-13 22:54:37 +00:00
jljusten 345a0c8fce OvmfPkg: Add support for UEFI shell
When building:
-D BUILD_NEW_SHELL - Build and include UEFI shell in firmware
-D USE_NEW_SHELL - Include UEFI shell binary build in firmware

The default is to use the older EFI shell.

Signed-off-by: jljusten

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11890 6f19259b-4bc3-4df7-8a09-765794883524
2011-06-26 18:58:41 +00:00
jljusten 6738e4e7a0 OvmfPkg/*.fdf: Adjust FV/FD sizes for UNIXGCC DEBUG builds
In some configurations the UNIXGCC build will run out of
space when a DEBUG build is enabled.  This change adjusts
the flash configuration a bit to allow the build succeed
on UNIXGCC.

The final flash image still remains 1MB in size.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11547 6f19259b-4bc3-4df7-8a09-765794883524
2011-04-17 05:47:43 +00:00
jljusten eaf4f336ea OvmfPkg: Add QemuVideoDxe driver
This driver provides a UEFI Graphics Output Protocol (GOP) driver
for the QEMU Cirrus VGA hardware.  It enables 24-bit color,
and uses the standard 32-bit GOP pixel format whenever possible.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11524 6f19259b-4bc3-4df7-8a09-765794883524
2011-04-12 15:08:51 +00:00
jljusten 999a815e9f OvmfPkg: Add NullMemoryTestDxe driver
This driver will find untested memory in the system, and
make it available to the system.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11265 6f19259b-4bc3-4df7-8a09-765794883524
2011-01-21 16:50:47 +00:00
jljusten 689562cdb3 OvmfPkg: Add USB support
Add USB drivers to OVMF build

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11217 6f19259b-4bc3-4df7-8a09-765794883524
2010-12-31 07:55:38 +00:00
vanjeff c6efcc2aa9 Update Ovmf DSC/FDF files to support source debugging feature that will be switched on by "-D SOURCE_DEBUG_ENABLE".
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10868 6f19259b-4bc3-4df7-8a09-765794883524
2010-09-12 06:46:55 +00:00
mdkinney 7416f4eb3a Add support for e1000 NICs to OVMF
1) Update README describing the QEMU version required for e1000, where to download the UEFI drivers for e1000, and how to enable network drivers in the platform firmware
2) Update DSC/FDF files NETWORK_ENABLE switch to enable e1000 and network driver support




git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10697 6f19259b-4bc3-4df7-8a09-765794883524
2010-07-26 18:07:19 +00:00